Lucene search
+L

2844 matches found

redhatcve
redhatcve
added 2026/05/04 8:21 p.m.12 views

CVE-2026-7594

A vulnerability was detected in Flux159 mcp-game-asset-gen 0.1.0. Affected is the function imageto3dasync of the file src/index.ts of the component MCP Interface. The manipulation of the argument statusFile results in path traversal. The attack can be executed remotely. The exploit is now public...

7.5CVSS6.8AI score0.00418EPSS
Exploits0References1
nvd
nvd
added 2026/05/01 9:16 p.m.5 views

CVE-2026-7594

A vulnerability was detected in Flux159 mcp-game-asset-gen 0.1.0. Affected is the function imageto3dasync of the file src/index.ts of the component MCP Interface. The manipulation of the argument statusFile results in path traversal. The attack can be executed remotely. The exploit is now public...

7.5CVSS0.00418EPSS
Exploits0References5
cve
cve
added 2026/05/01 8:30 p.m.24 views

CVE-2026-7594

The CVE-2026-7594 affects Flux159 mcp-game-asset-gen 0.1.0. The vulnerability is in the MCP Interface component, specifically the image_to_3d_async function in src/index.ts, where manipulation of the statusFile argument leads to path traversal. It can be exploited remotely, and public exploits ex...

7.5CVSS6.8AI score0.00418EPSS
Exploits0References5
euvd
euvd
added 2026/05/01 8:30 p.m.6 views

EUVD-2026-26718

A vulnerability was detected in Flux159 mcp-game-asset-gen 0.1.0. Affected is the function imageto3dasync of the file src/index.ts of the component MCP Interface. The manipulation of the argument statusFile results in path traversal. The attack can be executed remotely. The exploit is now public...

7.5CVSS5.6AI score0.00418EPSS
Exploits0References5
vulnrichment
vulnrichment
added 2026/05/01 8:30 p.m.5 views

CVE-2026-7594 Flux159 mcp-game-asset-gen MCP index.ts image_to_3d_async path traversal

A vulnerability was detected in Flux159 mcp-game-asset-gen 0.1.0. Affected is the function imageto3dasync of the file src/index.ts of the component MCP Interface. The manipulation of the argument statusFile results in path traversal. The attack can be executed remotely. The exploit is now public...

7.5CVSS6.8AI score0.00418EPSS
Exploits0References5
cvelist
cvelist
added 2026/05/01 8:30 p.m.33 views

CVE-2026-7594 Flux159 mcp-game-asset-gen MCP index.ts image_to_3d_async path traversal

A vulnerability was detected in Flux159 mcp-game-asset-gen 0.1.0. Affected is the function imageto3dasync of the file src/index.ts of the component MCP Interface. The manipulation of the argument statusFile results in path traversal. The attack can be executed remotely. The exploit is now public...

7.5CVSS0.00418EPSS
Exploits0References5
osv
osv
added 2026/05/01 8:30 p.m.4 views

CVE-2026-7594 Flux159 mcp-game-asset-gen MCP index.ts image_to_3d_async path traversal

A vulnerability was detected in Flux159 mcp-game-asset-gen 0.1.0. Affected is the function imageto3dasync of the file src/index.ts of the component MCP Interface. The manipulation of the argument statusFile results in path traversal. The attack can be executed remotely. The exploit is now public...

6.9CVSS6.7AI score0.00418EPSS
Exploits0References7
wired
wired
added 2026/04/26 3:26 a.m.15 views

California Engineer Identified in Suspected Shooting at White House Correspondents’ Dinner

A 31-year-old engineer and self-described indie game developer is suspected of firing shots at the annual event attended by President Donald Trump, high-profile media figures, and US government officials...

5.3AI score
Exploits0
fedora
fedora
added 2026/04/24 12:55 a.m.14 views

[SECURITY] Fedora 43 Update: minetest-5.15.2-1.fc43

Game of mining, crafting and building in the infinite world of cubic blocks w ith optional hostile creatures, features both single and the network multiplayer mode, mods. Public multiplayer servers are available...

9.3CVSS5.2AI score0.00182EPSS
Exploits0
osv
osv
added 2026/04/23 2:16 a.m.8 views

UBUNTU-CVE-2026-41196

Luanti formerly Minetest is an open source voxel game-creation platform. Starting in version 5.0.0 and prior to version 5.15.2, a malicious mod can trivially escape the sandboxed Lua environment to execute arbitrary code and gain full filesystem access on the user's device. This applies to the...

10CVSS6.2AI score0.00374EPSS
Exploits0References2
ubuntucve
ubuntucve
added 2026/04/23 12:0 a.m.12 views

CVE-2026-41196

Luanti formerly Minetest is an open source voxel game-creation platform. Starting in version 5.0.0 and prior to version 5.15.2, a malicious mod can trivially escape the sandboxed Lua environment to execute arbitrary code and gain full filesystem access on the user's device. This applies to the...

10CVSS6.1AI score0.00374EPSS
Exploits0References1
packetstormnews
packetstormnews
added 2026/04/23 12:0 a.m.6 views

Strategic Heterogeneous Multi-Agent Architecture for Cost-Effective Code Vulnerability Detection

Automated code vulnerability detection is critical for software security, yet existing approaches face a fundamental trade-off between detection accuracy and computational cost. We propose a heterogeneous multi-agent architecture inspired by game-theoretic principles, combining cloud-based LLM...

5.6AI score
Exploits0
github
github
added 2026/04/14 6:17 p.m.19 views

Hack the AI agent: Build agentic AI security skills with the GitHub Secure Code Game

I was scrolling through my feed one evening when I came across OpenClaw, an open source personal AI assistant that people were calling everything from "Jarvis" to "a portal to a new reality." The idea is beautiful: an AI that lives on your machine or in the cloud, talks to you over WhatsApp or...

8.8CVSS7.3AI score0.08016EPSS
Exploits5
redhatcve
redhatcve
added 2026/04/08 5:0 a.m.6 views

CVE-2026-5692

A vulnerability was found in Totolink A7100RU 7.4cu.2313b20191024. This impacts the function setGameSpeedCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument enable results in os command injection. The attack may be performed from remote. The exploit has been made public and cou...

7.5CVSS6.8AI score0.01429EPSS
Exploits0References1
euvd
euvd
added 2026/04/07 12:30 a.m.4 views

EUVD-2026-19557

A vulnerability was found in Totolink A7100RU 7.4cu.2313b20191024. This impacts the function setGameSpeedCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument enable results in os command injection. The attack may be performed from remote. The exploit has been made public and cou...

7.5CVSS6.7AI score0.01429EPSS
Exploits0References6
nvd
nvd
added 2026/04/07 12:16 a.m.6 views

CVE-2026-5692

A vulnerability was found in Totolink A7100RU 7.4cu.2313b20191024. This impacts the function setGameSpeedCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument enable results in os command injection. The attack may be performed from remote. The exploit has been made public and cou...

7.5CVSS0.01429EPSS
Exploits0References5
malwarebytes
malwarebytes
added 2026/03/27 1:34 p.m.7 views

Criminals are renting virtual phones to bypass bank security

Researchers at Group-IB warn about criminals using virtual Android devices to bypass modern security solutions. Cloud phones are virtual Android devices that can fully mimic real device fingerprints model, hardware, IP, timezone, sensor data, behavior. This allows them to undermine banks’...

6AI score
Exploits0
redhatcve
redhatcve
added 2026/03/26 3:18 p.m.4 views

CVE-2025-66687

Doom Launcher 3.8.1.0 is vulnerable to Directory Traversal due to missing file path validation during the extraction of game files...

7.5CVSS5.8AI score0.00651EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/03/26 3:18 p.m.7 views

CVE-2026-3983

A security flaw has been discovered in Campcodes Division Regional Athletic Meet Game Result Matrix System 2.1. This affects an unknown part of the file save-games.php. The manipulation of the argument gamename results in cross site scripting. The attack may be performed from remote. The exploit...

5.1CVSS4.2AI score0.00195EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/03/26 3:18 p.m.6 views

CVE-2026-3984

A weakness has been identified in Campcodes Division Regional Athletic Meet Game Result Matrix System 2.1. This vulnerability affects unknown code of the file saveupathlete.php. This manipulation of the argument aname causes cross site scripting. It is possible to initiate the attack remotely. Th...

5.1CVSS4.3AI score0.00195EPSS
Exploits0References1
Rows per page
Query Builder